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WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
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I) ^ Responsive to communication(s) filed on 11 January 2002 , 
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DETAILED ACTION 

Specification 

1 . The disclosure is objected to because of the following informalities: On page 4 in 
the Detailed Description of the Drawings, Extranet is labeled as #20, which does not 
match the corresponding number in the drawings. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 1, 6, 12 and 13 rejected under 35 U.S.C. 102(b) as being anticipated by 
Boivie. 

With respects to claims 1, 6, 12 and 13, Boivie in Patent No. 6,625,773 discloses 
in Fig1 an import filter R1 that receives a list of destinations (column 3 lines37-43). 
When R1 receives the packet containing this list of destinations, it needs to properly 
process the multicast. The router performs a route table lookup to determine the "next 
hop" for each of the destinations (next hop information), partitions the set of destinations 
based on their next hops (import target policy), replicates the packet so that there is one 
copy of the packet for each of the next hops (second subset), modifies the list of 
destinations in each of the copies so that the list in the copy for a given next hop 
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includes just the destinations that ought to be routed through the next hop (modifying 
the next hop information), and sends the modified copy of the packet onto the next hops 
(column 4 lines 17-31). Also note, in Fig1, R2, 4 and 5 can only communicate to one 
another via R3, therefore R3 can be considered a hub note in the network, as can R7 
and this router or any other router can act as a CE (customer edge) device as it only 
needs to be capable of exchanging routing information to the provider edge router. 



Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 2, 3, 8, 9, 14 and 15 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Boivie in view of Tahan. 

With respect to claims 2, 8 and 14 Boivie discloses a system of route target 
filtering as stated above, but does not disclose the next hop information to be the 
address of a router serving as a firewall of a network. However, Tahan in Patent No. 
6,915,351 discloses a method of community separation using firewalls to control 
information flow between two or more networks by blocking or permitting flows 
according to a predetermined set of rules based on the source and destination of the 
data, the requested service, and other data. Tahan states that firewalls are frequently 
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used by an enterprise to control the access of those on an external network to the 
enterprise's internal network. Firewalls may also be used to protect some parts of an 
inner network from other parts of an inner network (column 2 lines 24-39). It would 
have been obvious to one skilled in the art at the time of the invention to use a router 
serving as a firewall of a network in Boivie in order to block or permit flows to the next 
hop according to a predetermined set of rules. 

Regarding claims 3, 9 and 15 Boivie does not disclose the next hop information 
to be the address of a router serving as a firewall of a virtual private network. However, 
Tahan discloses that a virtual private network is a well-known method whereby 
encryption and tunneling are used to create a private network while using a shared or 
public infrastructure, such as the Internet. For example, a particular enterprise may 
wish to provide a connection between its computer networks at sites, which are located 
in different parts of the world. By using VPN technology, the enterprise may utilize the 
Internet for the communications while ensuring privacy and integrity. Alternatively, an 
enterprise may wish to share its network resources internally among users in multiple 
communities. Rather than use a physically separate network or virtual local area 
network for each community network, an enterprise may employ VPNs to carry traffic for 
each community over a shared network fabric. With VPNs, cryptographic methods are 
used to separate the traffic for each community over the same network resources, 
preventing users in one community from reading or modifying messages sent by users 
in a different community (column 12 lines 14-34). It would have been obvious to one 
skilled in the art at the time of the invention to include in Boivie a firewall in a virtual 
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private network in order to ensure privacy and integrity while sending packets through 
the network. 

6. Claims 4, 10 ad 16 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Boivie in view of Lin. 

With respect to claims 4,10 and 16, Boivie discloses a system as stated above, 
but does not disclose a re-export filter comprising of a mask, a value for comparison 
with the route and an action to take in response to a match between the route and the 
comparison value. However, Lin in Patent No. 6,633,563 discloses a content 
addressable memory having a search field, a mask and an output for each memory 
location. An input value and mask are respectively received on a value bus and mask 
bus. Each of the input value and mask has a number of bits equal to the search field 
length. The data stored in the output field is generated as output on an output bus if the 
input value at bit positions specified by the mask bus match the corresponding bits of 
the search field. That is, only the bits in bit positions specified by the mask may be 
compared (column 10 lines 13-22). It would have been obvious to one skilled in the art 
at the time of the invention to include a mask, a value for comparison with the route, and 
an action to take in response to a match between the route and the comparison value in 
Boivie in order to provide a method to control what is the deciding factor used to 
determine if a route is blocked or permitted and to provide a comparison method to 
decide if a route should be blocked or permitted. 



Allowable Subject Matter 
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7. Claims 5, 7, 1 1 and 17 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 



Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Rekhter (Patent No. 6,526,056) discloses a virtual private 
network with provider routers and customer routers exchanging information using next 
hops. Aysan (Pub No. US 2005/0025069) discloses a deployment of a hub-and-spoke 
topology virtual private network facilitated by implementing a bi-directional VRF on a 
hub PE and using the hub PE as a hub-reflector. Lloyed (Pub No. US 2003/0039212) 
discloses a method using next hops to perform policy based routing in a VPN. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Neeraj Bhatia whose telephone number is (571)272- 
5204. The examiner can normally be reached on Monday through Friday: 8:00 - 4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Chau Nguyen can be reached on (571)272-3126. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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